The system of claim 15 wherein the system comprises at least two content inspection modules operatively connected to a common look-up table. 19. If you need this topic reopened, please send me a PM. In another embodiment, the invention provides a system implemented on a computer or a network of computers for enhancing network based content inspection of a number of concurrently received data payloads With reference to FIG. 1, a content recognition module (CRM) 12 receives a data payload 14.
Not only should adults be on the lookout for suspicious activity in their name, but al also in their children’s name. According to the Federal... 7. The SWP further comprises a trusted gateway agent for communicating between the Web server and the CGI applications. FIG. 1 illustrates a computer 100 executing a Web browser program 105 that is employed by a user to communicate over the Internet 110, in a special language called Hyper Text Inc.Method and system using wildcard valuesUS815624626 Sep 201110 Abr 2012Nomadix, Inc.Systems and methods for providing content and services on a network systemUS819070820 Oct 200029 May 2012Nomadix, Inc.Gateway device having an XML
In addition to containing other virus signatures and fixes, the new VIRUS_SIGNATURES.DAT file contains the virus signature and fix for BAD_APPLE.V. According to another preferred embodiment, there are other time-sensitive antivirus data files such as the files Button Bomb Fighters.DAT 526 and Trojan Horse Fighters.DAT 528 downloaded into the DAT Signature Files At step 102, on a first date such as Apr. 1, Year 0 (4/1/00), the user acquires and loads the antivirus application Antivirus_Application.EXE and the signature files VIRUS_SIGNATURES.DAT, the file VIRUS_SIGNATURES.DAT A NBCI database is connected to Server 3.
FIG. 3 depicts a flowchart representing the preferred method of the invention. While the invention has been described and illustrated with reference to specific embodiments employing a UNIX CMW (Compartment Mode Workstation) based operating system running on an HP 9000 Series 700 workstation, At step 1204, service computer 1020 receives antivirus updates, if any are required, from the central antivirus server 1002. In particular, customers at Web sites on the Internet communicate with a Web server situated outside of the virtual bank which then invokes a plurality of bank related CGI applications within
A typical organization employs a combination of CGI applications and HTML to provide a desired service or product. Scheduling Manager In a preferred embodiment, scheduling the content inspection of multiple inspection tasks is conducted to prevent system resource exhaustion in the event of the rapid or simultaneous arrival of Advantageously, according to the preferred embodiment, the antivirus developers or engineers are permitted to focus on the antivirus aspects of the updates, and the push administration system provider may focus on In another preferred embodiment, a plurality of local client computers are coupled to a local area network antivirus server across a local area network.
More specifically, the invention provides systems and methods for improved NBCI in complex networks that are typical for enterprises and service providers. Using means not shown in FIG. 3, central antivirus server 308 is kept up-to-date with the latest releases of antivirus files, and in the present example is kept up to date Still further, for large, archived payloads, this method does not take advantage of the fact that some components of the payload may have already been inspected. In this system, if the browser is not being used and the system is not otherwise busy (e.g.
While this approach effectively reduces the computation needed for inspecting the same content in the NBCI systems along the path of the content transmission, the method of attaching a DSP to This invention improves the efficiency of the NBCI of an individual communication session by learning from the processing results of other communication sessions which may be carried via different network protocols. Indeed, the preferred embodiments are advantageously applied to many different types of antivirus software programs on many different types of operating systems and computing configurations. As shown in FIGS. 8 and 8A, a content inspection process 80 starts by registering each content inspection task with the TQD CIP manager (FIG. 8, step 82) as each content
According to a preferred embodiment, at step 404 a desktop antivirus update agent is started and remains resident in client computer 302. Database 700 comprises an antivirus database 702 and a subscriber database 704 as shown in FIG. 7. That is, in certain situations, the large file may be processed concurrently with the smaller files based on a particular allocation of system resources. Advantageously, an automated network installation scripting procedure, such as ISEAMLESS™ from McAfee Associates, is used to distribute and install the antivirus updates.
- The MAC policy is a computerized version of the Department of Defense's long-standing multilevel security policy for handling classified information with labels that reflect sensitivity, to maintain those labels or files
- A content inspection process (CIP) will be aborted (step 102) if its TTL drops below an arbitrary threshold value (step 100).
- waiting a pre-determined time period before repeating step ii). 2.
- According to a preferred embodiment, central antivirus server 1002 maintains a database of information which is complementary to the information contained on service computer 1020.
When the user of the client computer is connected to the Internet, the push agent software operates in the background to receive updated antivirus files from the central antivirus server across Importantly, according to a preferred embodiment, the file VIRUS_SIGNATURES.DAT may be updated monthly, weekly, daily or even hourly as newly unleashed viruses are discovered, analyzed, and remedied. Inc.Method, system and portable consumer device using wildcard valuesUS765748422 Ago 20032 Feb 2010Checkfree CorporationElectronic bill presentment via a wide area communications networkUS7657834 *29 Jun 20052 Feb 2010Trusted Computer SolutionsSensitivity label translationUS76741809 As another example, while the preferred embodiments have been described in terms of a single central antivirus server, within the scope of the preferred embodiments are multiple such servers for serving
If a null matching record is found, meaning that the digest does not correspond to a previously stored digest, the payload content 14 b is passed to the content inspection module Generally, network performance can become severely compromised when there are many users accessing large volumes of compressed content. MoskowitzData protection method and deviceUS9070151Mar 12, 2013Jun 30, 2015Blue Spike, Inc.Systems, methods and devices for trusted transactionsUS9104842Aug 24, 2007Aug 11, 2015Scott A.
Through the use of database 700, central antivirus server 308 is capable of determining the requirements of each subscriber, and is capable of determining whether a given subscriber is updated with
In a further embodiment, the system and method enable many copies of data payloads of the same content entering a network via a variety of communication sessions and via different communication The steps performed by push administration system 1003 of FIG. 10 are similar in nature to the steps performed by push administration server 810 of FIG. 8, with added information being FIG. 2 illustrates another practical problem that may arise regarding antivirus software distribution, this time in the context of a typical corporate local area network (LAN). As depicted in the schematic diagram FIG. 2, the flowchart FIG. 3, and the trusted gateway agent program runs (tga.c and tgad.c attached as Appendix A and B, respectfully), data moves
The system of claim 10 further comprising the step of allocating computer system resources for content inspection on the basis of the priority assigned to each data payload. 12. The CIH record of an aborted inspection task will be removed from the CIHL table (step 104). Scheduler;ACT! In this case, the service computer 1020 would only receive the UNIX updates from central antivirus server 1002, and the automated installation procedure would distribute and install the updates only onto
Each local computer has a maximum allowable data rate between itself and the computer network. As of McAfee's Oct. 15, 1997 release of version 3010 of its VirusScan™ signature file updates, these virus signature files collectively comprise over 1.6 MB of virus information. A service computer associated with the plurality of client computers receives one or batches of antivirus updates from a central antivirus server across the Internet using push technology. Server 3 is shown to represent the highest traffic server, possibly as an enterprise gateway.
The gateway client program's argument vector and environment vector are then transferred to the gateway server 240 (Step 330). The local area network antivirus server is, in turn, coupled to a central antivirus server across a packet-switched network. In the embodiment of FIG. 8, the central antivirus server 808 serves a more limited function than the central antivirus server 308 of FIG. 3. The gateway server 240 is initialized directly at system boot time and enabled whenever the Web server 210 is enabled (Step 315).
Shown in FIG. 3 is a central antivirus server 308 having a packet-switched connection to Internet 304. In various embodiments, the content inspection module is a co-processor and/or the content inspection module utilizes CAM (Content-Addressable Memory). Also with the scope of such a preferred embodiment is a system wherein a plurality of servers in the antivirus server hierarchy are coupled by means of private network or an Advantageously, the most recent antivirus software is distributed to the client computers on corporate network 1006 without the need for affirmative action by the system administrator 1022.
Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.